Intel® Advanced Vector Extensions

SGX - presence of Manageability Engine

The SDK guide mentions monotonic counters and trusted time. These are apparently provided by the tae_service library, which communicates with special architectural enclaves.

Such features must surely require hardware support (non-volatile storage at the least). The prior SGX specifications did not mention any such features.

The SDK guide describes a "manageability engine" in a few short sentences:

Intel SGX SDK under Windows 10 threshold 2

Hi all,

 

I built and ran the sample code of the SDK under Windows 10 threshold 2.

However, it doesn't work. The sample program is suspended.

So, I saw the device manager and could't find "Software Guard Extensions device".

The sgx_driver.sys file also doesn't exist in the system32\drivers folder.

Moreover,  the Intel SGX AESM service stopped and I could not restart it due to an unexpected error.

 

How to build serial communication with Intel Galileo ?

char number;
void setup()
{
Serial.begin(9600);
pinMode(13,OUTPUT);
 
}
void loop()
{
if(Serial.available())
{
number = Serial.read();
Serial.println(number);
if(number=='A')
{digitalWrite(13,HIGH);}
if(number=='B')
{digitalWrite(13,LOW);}
}
}

 

 

I want to use bluetooth (control by mobile phone) to control the pin13 LED.

Intel MPX with i5-6300U processor

Intel MPX feature bit is unexpectedly cleared (CPUID.07H.EBX.MPX[bit 14] = 0) with my Intel i5-6300U processor. However, its specification <http://ark.intel.com/products/88190/Intel-Core-i5-6300U-Processor-3M-Cac... indicates that the processor supports Intel MPX.

I am with the latest firmware (released in December) under Windows 10 Pro. Should I manually set the bits of XCR0[bits 4:3] to enable the MPX feature?

 

SGX - is HeapMaxSize necessary?

The .edl files contain a HeapMaxSize entry. The SDK User Guide states that this is because

Enclave memory is a limited resource. Maximum heap size is set at enclave creation.

But doesn't the SGX specification allow EPC page swapping (EPA, EBLOCK, ETRACK, EWB)?

Or in a more practical sense: is there a disadvantage to setting HeapMaxSize=2^64 Bytes?

Maybe EPC page swapping is not yet supported by the SDK, or maybe the trusted enclave code has to manually trigger such swapping?

Intel SGX with i5-6300U processor

CPUID[07H][EBX][bit 2] reveals that SGX feature is unavailable with the i5-6300U processor I am using, but the specification <http://ark.intel.com/products/88190/Intel-Core-i5-6300U-Processor-3M-Cac... indicates that Intel SGX is available with the processor.

Should I install the evaluation SDK first? I am with Windows 10 Pro now.

CPUID dump

Message Address Register: Redirection hint & Destination mode

Intel® 64 and IA-32 Architectures Software Developer’s Manual
Volume 3 (3A, 3B, 3C & 3D): System Programming Guide
---

I have a question about the combination of RH bit and DM bit of 10.11.1 Message Address Register Format.

I use the combination as below, it looks like work is going well.
RH = 0
DM = 1

But, there are following mentions in 10.11.1, so the combination of RH = 0 and DM = 1 looks like the wrong combination.

Intel SGX - Building a trusted enclave within untrusted OS

Hello, I'm currently researching a little about the Intel SGX instructions and I find it difficult to understand how one can actually **build** a trusted enclave within an untrusted operating system. many of the Intel SGX instructions are ring 0 instructions that require kernel privilege. This implies
that the operating system (most likely) must be involved to provide services (Through e.g. system-calls). How can one trust the OS to actually build a trusted enclave for him?

I did find the following paragraph within Intel manual:

Iscriversi a Intel® Advanced Vector Extensions